As a follow-up to my first question - I asked Google Gemini about the spf record and it suggested the following

v=spf1 a mx include:_spf.greenby.co.uk ~all

It dropped the Plusnet details but I don't know whether this is OK to do yet or if I should keep them in for the time-being. More importantly, it suggested the .co.uk exptension for the greenby part rather than .com - the explanation being...

Note on spf.greenby.com: Some migration guides mention spf.greenby.com, while others use _spf.greenby.co.uk. I recommend using include:_spf.greenby.co.uk as it is the standard for the Enix/Mythic Beasts platform that powers Greenby.

Any guidance on this would be helpful.

Thanks, Annie

@Annie I may be wrong here, but I don't think I'd trust that response, AFAIK Greenby (Enix ) and Mythic Beasts are two distinct companies. @MisterW will confirm, hopefully.

Thank you John.

@Annie  @jab1  is correct EnIx and MB are completely different organisations. .

In any case the outgoing SMTP for plus.com hasn't switched to Greenby yet so you don't need to change anything yet.

Thank you @MisterW I take it there will come a time when settings will need to be updated. When that happens will I need to add the DKIM record to my domain's DNS?

I think I have seen mention that the username format in email clients should be the full email address rather than my current format of username+emailprefix. Should I change this now or wait?

@Annie TBH if you are sending from your own domain , then I don't see how DKIM  will work. 

As to username format , both are supposed to be supported but there does seem to be issues with the account+mailbox format

I am sending via relay.plus.net  and disguising the email address by using my domain's address in my email clients. I use it as a forwarder to receive mail too. In theory, I could move it into my webspace and have a mailbox but I can't do this with my aunt's similar setup because I don't have space to host any more domains there.

@Annie 

I am sending via relay.plus.net  and disguising the email address by using my domain's address in my email clients

DKIM wont work in that situation. relay.plus.net will DKIM sign the outgoing mail ONLY for the plus.com domain. If you use your own domain name as the sender, then the DKIM signature is not valid for that domain

I suspect (but dont know for sure) that when the outgoing mail is migrated to Greenby, that the same situation will remain, the DKIM signature will be for plus.com.

@MisterW I think I may have slipped up with my explanation. When I send email in Thunderbird, I use the username and password of my Plusnet/Greenby account together with the relay.plus.net server. I just put my domain's email in the Email Address box under the Default Identity section (I think this basically means it shows that address in the From field). I am assuming that this would cause a mismatch. Plusnet didn't allow any DKIM records but Greenby seem to provide a DKIM key. Apologies if I'm not making much sense. I'm not technical.

@Annie 

I just put my domain's email in the Email Address box under the Default Identity section (I think this basically means it shows that address in the From field)

That's absolutely correct

Plusnet didn't allow any DKIM records but Greenby seem to provide a DKIM key.

Yes they do provide one but I fail to see how it will work. A message must be DKIM signed by the domain in the FROM field. If Greenby doesnt actually host your domain then it wont know how to sign for that domain. 

I could be wrong, but I dont understand what the point of the DKIM key is that Greenby provide in the portal.

Ah OK. so should I enable the DKIM key within my domain's settings at Fasthosts or does this still not work?

ICBW but I don't think that will work. The key in your domain DNS ( I assume at Fasthosts) is the public key to be used by a receiving server to check the DKIM signature in your email. AFAICS the Greenby servers wont DKIM sign any outgoing mail for your domain because they dont host it. All that will happen if you add the key to your domain DNS is that receivers of your email will try and check for a DKIM signature, find there isnt one and detect a DKIM failure.

I thought I'd give Greenby's AI support a go and this is what it said. I can't vouch for its accuracy as it's a AI assistant.

DKIM records go on your custom domain - not in your Greenby account's DNS, but in your domain’s DNS settings

However, the DKIM keys themselves need to be generated by Greenby since they're the mail server actually sending your emails.

What You Need to Do

1. Check your Greenby dashboard to see if DKIM records are available for your Plusnet account
2. If available, copy those DKIM DNS records
3. Add them to domain’s DNS zone

The DKIM record from your Plusnet account needs to be added to domain’s DNS zone since that's the domain you're sending from in your "From" field.

This way, when emails are sent via Plusnet's servers showing your domain as the sender, the receiving servers can verify the DKIM signature matches.

That's the theory. I'm a bit dubious where Greenbys AI bot is concerned. All I can suggest is you give it a try , send to yourself and check the received headers. 

I certainly don't think it will work at the moment because, even on migrated plus.com accounts. outgoing mail is still via the Plusnet servers.

I have access to a plus.com test account and once I know mail is being sent via the Greenby servers, DKIM is one thing I'll be testing